CVE-2006-7065

Microsoft IE - Denial of Service

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-7065. PoCs published by Thomas Pollet.

AI-analyzed exploit summary The provided entry describes a denial-of-service vulnerability in Microsoft Internet Explorer triggered by malicious HTML files. It references a binary exploit (28343.zip) but does not include executable code or technical details.

Description

Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Thomas Pollet · textdoswindows
https://www.exploit-db.com/exploits/28343

The provided entry describes a denial-of-service vulnerability in Microsoft Internet Explorer triggered by malicious HTML files. It references a binary exploit (28343.zip) but does not include executable code or technical details.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Internet Explorer (unspecified version)
No auth needed
Prerequisites: Victim must open a malicious HTML file in Internet Explorer
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19364

Scores

EPSS 0.1993
EPSS Percentile 97.1%

Details

Status published
Products (13)
canon/network_camera_server_vb101
microsoft/ie 6 (13 CPE variants)
microsoft/ie 6.0 (9 CPE variants)
microsoft/ie 7 (4 CPE variants)
microsoft/ie 7.0 (3 CPE variants)
microsoft/internet_explorer 6 sp1
microsoft/internet_explorer 6.0
microsoft/internet_explorer 6.0.2600
microsoft/internet_explorer 6.0.2800
microsoft/internet_explorer 6.0.2800.1106
... and 3 more
Published Mar 02, 2007
Tracked Since Feb 18, 2026